Random Number Generation Overview

A Random Number Generator (RNG) generates a sequence of numbers that has no pattern and is hence random in nature. The RNG APIs are used to generate cryptographically strong random numbers.

The Symbian platform implements a Cryptographically Strong Random Number Generator (CSPRNG) based on the Hash_DRBG algorithm recommended by the National Institute of Standards and Technology (NIST) to generate secure random numbers.

Purpose

The CSPRNG generates random numbers that are characterized by randomness, unpredictability and irreproducibility. Many cryptographic applications rely on an RNG for these properties. Examples of applications that use random numbers are listed below:

  • One-time pads

  • Key generation

  • Random nonces

  • Initialization Vectors (IVs)

  • Salts to be hashed with passwords

  • Unique parameters in signing operations

Description

The CSPRNG uses the Hash_DRBG algorithm to generate pseudo-random numbers. Hash_DRBG is a standard recommended by NIST SP800-90 that uses a cryptographic hash function (SHA-256) to generate random numbers. The strength of a PRNG depends not only on the generation algorithm but also on the strength of its entropy input.
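The following sketch is an added example, not Symbian's kernel code: it follows the Hash_DRBG construction with SHA-256 (instantiate, generate, reseed) to show why the output is only as unpredictable as the entropy input. The class and function names are assumptions of this example, and it omits additional input and the limits on request size and reseed interval.

```python
import hashlib

SEEDLEN = 55                 # 440-bit seed length used with SHA-256, in bytes
MOD = 1 << (SEEDLEN * 8)     # V and C are treated as integers mod 2^seedlen


def _sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def _hash_df(material: bytes, nbytes: int = SEEDLEN) -> bytes:
    """Derivation function: hash counter || bit length || material until nbytes exist."""
    out, counter = b"", 1
    while len(out) < nbytes:
        out += _sha256(bytes([counter]) + (nbytes * 8).to_bytes(4, "big") + material)
        counter += 1
    return out[:nbytes]


class HashDRBG:
    def __init__(self, entropy: bytes, nonce: bytes, personalization: bytes = b""):
        self._set_seed(_hash_df(entropy + nonce + personalization))

    def _set_seed(self, seed: bytes) -> None:
        self.v = seed
        self.c = _hash_df(b"\x00" + seed)
        self.reseed_counter = 1

    def reseed(self, entropy: bytes) -> None:
        # Fresh entropy is mixed with the current state, not substituted for it.
        self._set_seed(_hash_df(b"\x01" + self.v + entropy))

    def generate(self, nbytes: int) -> bytes:
        out, data = b"", int.from_bytes(self.v, "big")
        while len(out) < nbytes:          # Hashgen: hash V, V+1, V+2, ...
            out += _sha256(data.to_bytes(SEEDLEN, "big"))
            data = (data + 1) % MOD
        # State update: V = (V + Hash(0x03 || V) + C + reseed_counter) mod 2^seedlen
        h = int.from_bytes(_sha256(b"\x03" + self.v), "big")
        v = int.from_bytes(self.v, "big") + h + int.from_bytes(self.c, "big")
        self.v = ((v + self.reseed_counter) % MOD).to_bytes(SEEDLEN, "big")
        self.reseed_counter += 1
        return out[:nbytes]


if __name__ == "__main__":
    weak = b"\x00" * 32                   # constructed: a guessable entropy input
    a, b = HashDRBG(weak, b"nonce"), HashDRBG(weak, b"nonce")
    print(a.generate(16) == b.generate(16))   # same seed material, same output
```

Two instances seeded with the same material produce identical streams, so anyone who can guess the entropy input can reproduce every value the generator emits.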

Key class

TRandom

The TRandom class provides interfaces to generate random numbers using the underlying CSPRNG in the kernel layer. This class is typically used to enable the legacy crypto components (cryptography.dll, hash.dll and random.dll) to access the CSPRNG and generate random numbers.

Its declaration is:

...
class TRandom
      {
public:
      // The RandomL and SecureRandomL functions fill the buffer with secure random data.
      IMPORT_C static void RandomL(TDes8& aDestination);
      IMPORT_C static void SecureRandomL(TDes8& aDestination);
      };

Typical uses

From the OS Security package, the CSPRNG can be accessed using the TRandom::RandomL and TRandom::SecureRandomL functions, which internally call Math::Random and Math::SecureRandom.
